[
https://issues.apache.org/jira/browse/HADOOP-6603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kan Zhang updated HADOOP-6603:
------------------------------
Attachment: HADOOP-6603-Y20S-4.patch
uploaded a new patch based on Jakob's patch (not for commit to trunk)
1. Moved SecurityUtil.java from hdfs to core.
2. Added comments on the possible presence of cross-realm TGT's in the
Subject's credential cache.
> Provide workaround for issue with Kerberos not resolving cross-realm principal
> ------------------------------------------------------------------------------
>
> Key: HADOOP-6603
> URL: https://issues.apache.org/jira/browse/HADOOP-6603
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Jakob Homan
> Attachments: HADOOP-6603-Y20S-2.patch, HADOOP-6603-Y20S-3.patch,
> HADOOP-6603-Y20S-4.patch, HADOOP-6603-Y20S.patch
>
>
> Java's SSL-Kerberos implementation does not correctly obtain the principal
> for cross-realm principles when clients initiate connections to servers,
> resulting in the client being unable to authenticate the server. We need a
> work-around until this bug gets fixed.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
